use salvo::{handler, prelude::JwtAuthDepotExt, Depot};

use crate::{app_error::AppError, app_writer::AppResult, services::user::is_admin};

use super::jwt::JwtClaims;

#[handler]
pub async fn admin_check(depot:&mut Depot) -> AppResult<()> {
    let jwt_data = depot.jwt_auth_data::<JwtClaims>().ok_or(anyhow::anyhow!("jwt提取失败"))?;
    let admin = is_admin(&jwt_data.claims.user_id).await?;
    if admin {
        Ok(())
    } else {
        let err = AppError::AuthError("not admin");
        Err(err)
    }
}